sup Logging Function Format String Errors May Let Remote Users Execute Arbitrary Code
|
|
SecurityTracker Alert ID: 1010539
|
|
SecurityTracker URL: http://securitytracker.com/id?1010539
|
|
CVE Reference: CAN-2004-0451
(Links to External Site)
|
Date: Jun 19 2004
|
Impact: Execution of arbitrary code via network, User access via network
|
Description: A format string vulnerability was reported in sup. A remote user may be able to execute arbitrary code on the target system.
Debian reported that jaguar@felinemenace.org discovered a format string vulnerability in sup. A remote user may be able to cause
arbitrary code to be executed with the privileges of the supfilesrv process.
The flaws are due to syslog(3) calls in the logquit,
logerr, and loginfo functions that are made without the appropriate format string specifiers.
|
Impact: A remote user may be able to execute arbitrary code with the privileges of the supfilesrv process.
|
Solution: No upstream solution was available at the time of this entry.
|
Cause: Input validation error, State error
|
Underlying OS: Linux (Any), UNIX (Any)
|
|
Message History:
This archive entry has one or more follow-up message(s) listed below.
|
Source Message Contents
|
Date: Sat, 19 Jun 2004 10:26:51 -0400
Subject: CAN-2004-0451
|
CVE: CAN-2004-0451
Debian reported that jaguar@felinemenace.org discovered a format string vulnerability in
sup. A remote user may be able to cause arbitrary code to be executed on the target
system with the privileges of the supfilesrv process.
> CAN-2004-0451: format string vulnerabilities in sup via syslog(3) in logquit, logerr,
> loginfo functions
|
|
